Skip to content

Download the airgap bundles#

In an airgapped environment, the artifacts for Mirantis k0rdent Enterprise and Kubernetes to install child clusters need to be available.

The Mirantis k0rdent Enterprise bundle#

The Mirantis k0rdent Enterprise bundle needs to be added to the registry so that Helm can install it.

To download the airgap bundle and its signature, use the following commands:

wget https://get.mirantis.com/k0rdent-enterprise/1.0.0/airgap-bundle-1.0.0.tar.gz
wget https://get.mirantis.com/k0rdent-enterprise/1.0.0/airgap-bundle-1.0.0.tar.gz.sig

To verify the downloaded file, use cosign:

cosign verify-blob --key https://get.mirantis.com/k0rdent-enterprise/cosign.pub --signature airgap-bundle-1.0.0.tar.gz.sig airgap-bundle-1.0.0.tar.gz

Note

If you need to use offline verification, download the public key downloaded and transfer it along with the bundle and signature to the airgapped environment.

Now we'll add it to the registry.

First unpack the bundle to a temporary directory:

mkdir airgap-bundle
tar -xf airgap-bundle-1.0.0.tar.gz -C airgap-bundle

Then upload it to the registry using skopeo.

Log in to the registry, then run:

cd airgap-bundle
export REGISTRY="registry.local/k0rdent-enterprise"
for file in $(find . -type f | sed -s s~^./~~g); do echo $file; bn=${file%*.tar}; skopeo copy -a oci-archive:${file} docker://${REGISTRY}/${bn%_*}:${bn#*_}; done

Warning

Make sure to replace registry.local with the actual registry host name.

The k0s bundle#

The k0s binaries, which are a separate, binary artifact, need to be added to the HTTP server so they can be used to install child clusters. Start by downloading the binaries:

wget https://get.mirantis.com/k0rdent-enterprise/1.0.0/k0s-v1.32.5+k0s.1-amd64
wget https://get.mirantis.com/k0rdent-enterprise/1.0.0/k0s-v1.32.5+k0s.1-amd64.sig
wget https://get.mirantis.com/k0rdent-enterprise/1.0.0/k0s-v1.32.1+k0s.0-amd64
wget https://get.mirantis.com/k0rdent-enterprise/1.0.0/k0s-v1.32.1+k0s.0-amd64.sig

Use cosign to verify this signature as well:

cosign verify-blob --key https://get.mirantis.com/k0rdent-enterprise/cosign.pub --signature k0s-v1.32.5+k0s.1-amd64.sig k0s-v1.32.5+k0s.1-amd64

Now upload the k0s binary file to any HTTP server available from within the airgapped environment, such as one running in the management cluster.

Warning

Do not change the name of the k0s binary, or the deployment will fail.